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1 Posters and demonstrations: Developing usable CAPTCHAs for blind users 
Jonathan Holman, Jonathan Lazar, Jinjuan Heidi Feng, John D'Arcy 
October 2007 Proceedings of the 9th international ACM SIGACCESS conference on 

Computers and accessibility Assets '07 
Publisher: ACM Press 

Full text available: Qpdf(322 33 KB) Additional Information: full citation, abstract, references, i n de x ter m s 

CAPTCHAs are widely used by websites for security and privacy purposes. However, 
traditional text-based CAPTCHAs are not suitable for individuals with visual impairments. 
We proposed and developed a new form of CAPTCHA that combines both visual and audio 
information to allow easy access by users with visual impairments. A preliminary 
evaluation suggests strong potential for the new form of CAPTCHA for both blind and 
visual users. 



Keywords: CAPTCHA, accessibility, blind user, security, turing test, universal usability, 
usability, visual impairment 



2 P oster 2: applica t io n s t rack : I MAG INATION: a rob u st image-bas e d CAP T C HA 

generation system 
Ritendra Datta, Jia Li, James Z. Wang 

November 2005 Proceedings of the 13th annual ACM international conference on 
Multimedia MULTIMEDIA '05 

Publisher: ACM Press 

Full text available: ^| pdf( 3Q8.63 K B) Additional Information: full ci tat i o n, abstract, refe re nc e s, index terms 

We propose IMAGINATION (IMAge Generation for INternet AuthenticaTION), a system for 
the generation of attack-resistant, user-friendly, image-based CAPTCHAs. In our system, 
we produce controlled distortions on randomly chosen images and present them to the 
user for annotation from a given list of words. The distortions are performed in a way that 
satisfies the incongruous requirements of low perceptual degradation and high resistance 
to attack by content-based image retrieval systems. Word choice ... 

Keywords: CAPTCHA, automated turing test, image retrieval 
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Keeping bots out of online games 
Philippe Golle, Nicolas Ducheneaut 

June 2005 Proceedings of the 2005 ACM SIGCHI International Conference on 
Advances in computer entertainment technology ACE '05 

Publisher: ACM Press 

Full text available: ^ pdfd 33.20 KB) Additional Information: full citation, abstract, references 

We study the problem of restricting participation in online games to human players, so 
they can enjoy the game without interference from automated playing agents known as 
bots. We propose a range of techniques, both software and hardware based, to 
distinguish bots from human players in a wide variety of online games, from poker to 
"shoot'em ups." 

Games: Preventing bots from playing online games 
Philippe Golle, Nicolas Ducheneaut 

July 2005 Computers in Entertainment (CIE), volume 3 issue 3 
Publisher: ACM Press 

Full text available: ^) pdf(210.16 KB) Additional Information: full citation, abstract, references, index terms 

As multiplayer online gaming gains in economic and social importance, an increasingly 
large number of players is beginning to rely on bots (automated player agents) to gain 
unfair advantages in games. In this article we study the problem of restricting 
participation in online games to human players so they can enjoy the game without 
interference from the bots. We propose two broad approaches to prevent bots from 
playing online games. The first consists of seamlessly integrating software-based te ... 

Keywords: CAPTCHAs, agents, bots, games, reverse Turing test 



Telling humans and computers apart automatically 
Luis von Ahn, Manuel Blum, John Langford 
February 2004 Communications of the ACM, volume 47 issue 2 
Publisher: ACM Press 

Full text available: ff| pdf(1 06.33 KB) Additional Information: full cita tion , abstract, references, citings, index 
g| html(18.53 KB) term s 

How lazy cryptographers do AI. 

Session M1: pri va cy in e-commerce: Security when people matter: structurin g 
incentives for user behavior 
Rick Wash, Jeffrey K. MacKie-Mason 

August 2007 Proceedings of the ninth international conference on Electronic 
commerce ICEC '07 

Publisher: ACM Press 

Full text available: pdf(3Q1.Q7 KB) Additional Information: full citation, abstract , references , index terms 

Humans are "smart components" in a system, but cannot be directly programmed to 
perform; rather, their autonomy must be respected as a design constraint and incentives 
provided to induce desired behavior. Sometimes these incentives are properly aligned, 
and the humans don't represent a vulnerability. But often, a misalignment of incentives 
causes a weakness in the system that can be exploited by clever attackers. Incentive- 
centered design tools help us understand these problems, and provide d ... 

Keywords: botnets, captcha, design, economics, incentives, security, spam 
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Towards Blocking Outgoing Malicious Impostor Emails Q 
Erhan J. Kartaltepe, Shouhuai Xu 

June 2006 Proceedings of the 2006 International Symposium on on World of 
Wireless, Mobile and Multimedia Networks WOWMOM '06 

Publisher: IEEE Computer Society 

Full text available: ^pdf(32Q.41 KB) Additional Information: full cita tion, abstract, index terms 

Electronic mails (emails) have become an indispensable part of most people's daily 
routines. However, they were not designed for deployment in an adversarial environment, 
which explains why there have been so many incidents such as spammingand phishing. 
Malicious impostor emails sent by sophisticated attackers are perhaps even more 
damaging, because their contents, except the attachments, may look perfectly legitimate 
while silently targeting certain critical information such as cryptographic k ... 



8 C omm unication privacy: How to achieve blocking resistance for existing systems Q 
enabling ano n ymo us web surfing 
Stefan Kopsell, Ulf Hillig 

October 2004 Proceedings of the 2004 ACM workshop on Privacy in the electronic 
society WPES '04 

Publisher: ACM Press 

Full text available ^pdf(897>66,KB) Additional Information: full c itatio n, abstract, references, index te rm s 

We are developing a blocking resistant, practical and usable system for anonymous web 
surfing. This means, the system tries to provide as much reachability and availability as 
possible, even to users in countries where the free flow of information is legally, 
organizationally and physically restricted. The proposed solution is an add-on to existing 
anonymity systems. First we give a classification of blocking criteria and some general 
countermeasures. Using these techniques, we outline a cone ... 



Keywords: AN. ON, JAP, Mix, blocking resistance 



Multi-agent systems and social behavior: Blind sales in electronic commerce 
E. Aimeur, G. Brassard, F. S. Mani Onana 

March 2004 Proceedings of the 6th international conference on Electronic commerce 
ICEC '04 

Publisher: ACM Press 

Full text available: pdf(330. 05 KB) Additional Information: full citation, abstract, references, citing s 

We start with the usual paradigm in electronic commerce: a consumer who wants to buy 
from a merchant. However, both parties wish to enjoy maximal privacy. In addition to 
remaining anonymous, the consumer wants to hide her browsing pattern and even the 
identification of the product she may decide to buy. Nevertheless, she wants to be able to 
negotiate the price, pay, receive the product and even enjoy maintenance on it. On the 
other hand, the merchant wants to leak as little information as possib ... 

Keywords: CAPTCHA, anonymous surfing, cryptography, customer buying behaviour, 
electronic commerce, oblivious transfer, private information retrieval 



10 Se ssion 1: On ins tant messaging worms , analysis an d c oun t ermeasures 
Mohammad Mannan, Paul C. van Oorschot 

November 2005 Proceedings of the 2005 ACM workshop on Rapid malcode WORM '05 
Publisher: ACM Press 

Additional Information: full citation, abstract, references, citings, index 
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We provide a collection of minor results on the area of Instant Messaging (IM) worms, 
which has received relatively little attention in the formal literature. We review selected 
IM worms and summarize their main characteristics, motivating a brief overview of the 
network formed by IM contact lists, and a discussion of theoretical consequences of 
worms in such networks. Existing methods to restrict an IM worm epidemic are analyzed 
in terms of usability and effectiveness, leading to the suggestion ... 

Keywords: instant messaging worms, scale-free networks 



11 DDoS defense by offense 

Michael Walfish, Mythili Vutukuru, Hari Balakrishnan, David Karger, Scott Shenker 
August 2006 ACM SIGCOMM Computer Communication Review , Proceedings of the 
2006 conference on Applications, technologies, architectures, and 
protocols for computer communications SIGCOMM '06, volume 36 issue 4 
Publisher: ACM Press 

Full text available:^) .RdfiSMiSBKB). Additional Information: full ..citation abstract, refere nc es, index terms 

This paper presents the design, implementation, analysis, and experimental evaluation of 
speak-up, a defense against application-level distributed denial-of-service (DDoS), in 
which attackers cripple a server by sending legitimate-looking requests that consume 
computational resources {e.g., CPU cycles, disk). With speak-up, a victimized server 
encourages all clients, resources permitting, to automatically send higher volumes of 
traffic. We suppose that attackers are a ... 

Keywords: DoS attack, bandwidth, currency 



12 Secure distributed human computation 

Craig Gentry, Zulfikar Ramzan, Stuart Stubblebine 

June 2005 Proceedings of the 6th ACM conference on Electronic commerce EC '05 
Publisher: ACM Press 

Full text available: ^| pdf(257.80 KB) Additional Information: ful l ci t ation, abstract, re fe r ences , index terms 

This paper is a preliminary exploration of secure distributed human computation. We 
consider the general paradigm of using large-scale distributed computation to solve 
difficult problems, but where humans can act as agents and provide candidate solutions. 
We are especially motivated by problem classes that appear to be difficult for computers 
to solve effectively, but are easier for humans; e.g., image analysis, speech recognition, 
and natural language processing. This paradigm already se ... 

Keywords: B24b, human distributed computation 



13 DOS protection: Using graphic turing tests to counter automated DDoS attacks 
^ against web servers 

^ William G. Morein, Angelos Stavrou, Debra L. Cook, Angelos D. Keromytis, Vishal Misra, Dan 
Rubenstein 

October 2003 Proceedings of the 10th ACM conference on Computer and 
communications security CCS '03 

Publisher: ACM Press 

Full text available- HPI odf(256 83 KB) Additional Information: full c it ati on, abstract, re fe re nces , citin gs, index 
' ^ ! terms 

We present WebSOS, a novel overlay-based architecture that provides guaranteed access 
to a web server that is targeted by a denial of service (DoS) attack. Our approach exploits 
two key characteristics of the web environment: its design around a human-centric 
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interface, and the extensibility inherent in many browsers through downloadable 
"applets." We guarantee access to a web server for a large number of previously unknown 
users, without requiring pre-existing trust relationships between ... 

Keywords: Java, graphic turing tests, web proxies 



14 Authenti cation and authorizatio n : S ec u ri n g passwords against dictionary attacks 
Benny Pinkas, Tomas Sander 

^ November 2002 Proceedings of the 9th ACM conference on Computer and 
communications security CCS '02 
Publisher: ACM Press 

Full text available- fD odf{216 72 KB) Addit i° nal Information: full c it ation , ab st rac t , refer e nces , citin gs, index 
' M — A — te r m s 

The use of passwords is a major point of vulnerability in computer security, as passwords 
are often easy to guess by automated programs running dictionary attacks. Passwords 
remain the most widely used authentication method despite their well-known security 
weaknesses. User authentication is clearly a practical problem. From the perspective of a 
service provider this problem needs to be solved within real-world constraints such as the 
available hardware and software infrastructures. From a user' ... 

15 Scalability in MMOGs: Towards public server MMOs 
v||v Chris Chambers, Wu-chang Feng, Wu-chi Feng 

N/ October 2006 Proceedings of 5th ACM SIGCOMM workshop on Network and system 
support for games NetGames '06 

Publisher: ACM Press 

Full text available: ^ pdf( 190.33 KB) Additional Information: full citation, abstract, references, in dex term s 

While massively multiplayer on-line games (MMOs) are enormously popular, their use of 
the client-server architecture causes them to suffer from scalability issues and high 
maintenance costs. In contrast, the public server architecture employed by most first- 
person shooter (FPS) games scales more easily by relying on user-supplied hosting and 
user-generated content, but lacks persistence between servers that is required in the 
MMO genre. This paper examines an architecture that leverages the r ... 

Keywords: MMO, online games 



16 Rece p tio n a n d posters: ARTiFAClAL: automated r e verse turing test using FACIAL Q 
features 

Yong Rui, Zicheg Liu 

November 2003 Proceedings of the eleventh ACM international conference on 
Multimedia MULTIMEDIA '03 

Publisher: ACM Press 

Full text available- ffl pdf(360 48 KB) Additional Information: full citation, abstract, references, citin gs, i ndex 
"™ terms 

Web services designed for human users are being abused by computer programs (bots). 
The bots steal thousands of free email accounts in a minute; participate in online polls to 
skew results; and irritate people by joining online chat rooms. These real-world issues 
have recently generated a new research area called Human Interactive Proofs (HIP), 
whose goal is to defend services from malicious attacks by differentiating bots from 
human users. In this paper, we propose a new HIP algorithm based on ... 

Keywords: CAPTCHA, face and facial feature detection, human interactive proof (HIP), 
turing test, web services security * 



http://portal.acm.org/resultsxfm^ 11/12/2007 



Results (page 1): captcha 



Page 6 of 7 



17 Demonstration session 2: Excuse me, b ut ar e you human? Q 
Yong Rui, Zicheg Liu 

November 2003 Proceedings of the eleventh ACM international conference on 
Multimedia MULTIMEDIA '03 

Publisher: ACM Press 

Full text available: ^| pdf(1 75.38 KB) Additional Information: full citation , abstract , references , index terms 

Web services designed for human users are being abused by computer programs (bots). 
The bots steal thousands of free email accounts in a minute; participate in online polls to 
skew results; and irritate people by joining online chat rooms. These real-world issues 
have recently generated a new research area called Human Interactive Proofs (HIP), 
whose goal is to defend services from malicious attacks by differentiating bots from 
human users. We propose a new HIP algorithm based on detecting human ... 

Keywords: CAPTCHA, face and facial feature detection, human interactive proof (HIP), 
turing test, web services security 




18 Email and security: Designing human friendly human interaction proofs (HIPs) Q 
Kumar Chellapilla, Kevin Larson, Patrice Simard, Mary Czerwinski 

April 2005 Proceedings of the SIGCHI conference on Human factors in computing 
systems CHI '05 

Publisher: ACM Press 

Full text available: g pdf(471.32 KB) Additional Information: full citation , abstract , references , index terms 

HIPs, or Human Interactive Proofs, are challenges meant to be easily solved by humans, 
while remaining too hard to be economically solved by computers. HIPs are increasingly 
used to protect services against automatic script attacks. To be effective, a HIP must be 
difficult enough to discourage script attacks by raising the computation and/or 
development cost of breaking the HIP to an unprofitable level. At the same time, the HIP 
must be easy enough to solve in order to not discourage humans from ... 

Keywords: completely automated public turing tests to tell computers and humans apart 
(CAPTCHAs), computer vision, evaluation, human interaction proofs (HIPs), human 
perception, visual letter recognition 




1 9 S pam Filterin g Based On T he Analy sis Of Text Information Embedd ed Into Images Q 
Giorgio Fumera, Ignazio Pillai, Fabio Roli 

December 2006 The Journal of Machine Learning Research, volume 7 
Publisher: MIT Press 

Full text available: ^| pdf(418.69 KB) Additional Information: full citation , abstract , index terms 

In recent years anti-spam filters have become necessary tools for Internet service 
providers to face up to the continuously growing spam phenomenon. Current server-side 
anti-spam filters are made up of several modules aimed at detecting different features of 
spam e-mails. In particular, text categorisation techniques have been investigated by 
researchers for the design of modules for the analysis of the semantic content of e-mails, 
due to their potentially higher generalisation capability wit ... 

20 Q foc u s: cybercrime: Criminal code: the making of a cybercriminal Q 
Thomas Wadlow, Vlad Gorelik 
November 2006 Queue, volume 4 issue 9 

Publisher: ACM Press 
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Queue's first-ever narrative chronicles one man's transition from small-time hacker to big- 
time crook. 
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